30 May
2007
30 May
'07
9:41 p.m.
-----Original Message----- From: "Martin v. Löwis" [mailto:martin@v.loewis.de]
Yes, I am aware of that. But the signature makes a man-in-the-middle attack harder.
Sure. However, I think that this protection against an unlikely scenario cannot outweigh the main problem of code signing: that people get a false sense of security. And trust (sic) me: they do.
Us trying to lecture MS on software security is pointless. The current install will give users a sense of insecurity, false or otherwise. Kristjan